review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Divya ChanneGowda <divya.hc@gmail.com>
	Tue, 15 Jul 2014 21:33:30 +0000 (14:33 -0700)
committer	Divya ChanneGowda <divya.hc@gmail.com>
	Wed, 20 Aug 2014 04:23:29 +0000 (21:23 -0700)
commit	b24aba20596670ceae118054ca46c568c9a91fac
tree	c8a386c8cace33c60ec65f940e380930fb584e37	tree \| snapshot
parent	50126be5ba4b1acc36d5fe9e5d180be8ce2ceb06	commit \| diff

Implements securitygroup extension for nuage plugin

In Nuage VSP, the scope of vport-tag(Neutron securitygroup equivalent) is either
per router or per subnet whereas securitygroup scope in Neutron is per tenant.
Because of this, the mapping between neutron and VSP resource always happens at
the port create or update time, such that port's router/subnet is known and
thus sg attachment point in VSP is known.
On port-update --security-group sg1, if this is the first port getting attached
to that security-group, corresponding vport-tag(for sg) and rules( for sg rules)
are created on VSP. Subsequent port-update for the same sg1 will just update the
port to vport-tag binding. When security-group and security-group-rules are
deleted on neutron, corresponding vport-tag and rules are deleted on the VSP.

Implements: blueprint securitygroup-ext-for-nuage-plugin

Change-Id: If6f7f16ad727ae9394008fb81b56c785c2404c8f

neutron/plugins/nuage/plugin.py		diff \| blob \| history
neutron/tests/unit/nuage/fake_nuageclient.py		diff \| blob \| history
neutron/tests/unit/nuage/test_nuage_plugin.py		diff \| blob \| history